Aussies caught up in Ticketmaster data hack attack

ONE of the world's largest ticketing groups began contacting Australians today after a widespread hack compromised the payment and personal details of thousands of users worldwide.

Ticketmaster, which is the official way to get AFL and NRL tickets, revealed more than 40,000 of its British customers had their information compromised in the attack, which may have also revealed banking details of Australian users through malicious software hosted by Spanish firm Inbenta.

The ticketing company said it had yet to confirm whether Australian ticket buyers had been exposed in the incident but, in warnings emailed to customers this morning, said it was working with forensic investigators, "credit card companies and banks".

Ticketmaster made a statement informing customers that personal information may have been compromised.
Ticketmaster made a statement informing customers that personal information may have been compromised.

"As a result of Inbenta's product running on Ticketmaster International websites, some of our customers' personal or payment information may have been accessed by an unknown third-party," the Ticketmaster email said.

"We are contacting you because you purchased, or attempted to purchase, tickets between September 2017 and June 23, 2018.

"Whilst we have no evidence to suggest your data has been compromised, we are notifying you out of an abundance of caution."

Information exposed in the attack included customers' names, email addresses, telephone numbers, and their credit card details.

Ticketmaster said "less than five per cent" of its customers had been affected by the digital break-in, but could not confirm whether Australians were among those vulnerable.

If confirmed, the hack could fall under Australia's new Notifiable Data Breach law, introduced on February 22, which compels companies to report cases in which customer information has been compromised.

Statistics released under the scheme showed 55 breaches were reported in March, up from just eight in February. Health service providers recorded the greatest number of incidents, followed by legal, accounting, and management firms, and financial details were revealed in 30 per cent of reported cases.